package cn.edu.zhku.controller;

import cn.edu.zhku.aspect.annotation.CheckDataExist;
import cn.edu.zhku.aspect.annotation.CheckNoExist;
import cn.edu.zhku.aspect.annotation.CheckUsernameExist;
import cn.edu.zhku.aspect.annotation.SetUserId;
import cn.edu.zhku.constant.ResponseCode;
import cn.edu.zhku.dto.UserDto;
import cn.edu.zhku.pojo.User;
import cn.edu.zhku.service.UserService;
import cn.edu.zhku.swagger.notes.UserApiNotes;
import cn.edu.zhku.util.PojoUtil;
import cn.edu.zhku.util.ResultUtil;
import cn.edu.zhku.util.ShiroUtil;
import com.alibaba.fastjson.JSONObject;
import io.swagger.annotations.ApiOperation;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.apache.shiro.crypto.hash.Md5Hash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.*;

import java.util.UUID;

@RestController
@RequestMapping("/api/user")
public class UserController {

    @Autowired
    private UserService userService;

    @RequiresPermissions("user:get")
    @CheckDataExist("没有查到用户相关信息")
    @GetMapping("/{userId}")
    @ApiOperation("获取用户的基本信息")
    public JSONObject getUser(@PathVariable Integer userId) {
        if (userId == null || userId == -1)   userId = ShiroUtil.getUserId();
        User user = this.userService.findById(userId);
        return ResultUtil.getResult(ResponseCode.ok, "成功返回用户的基本信息", user);
    }

    @CheckUsernameExist
    @GetMapping("/username/{username}")
    @ApiOperation("检测用户名是否可用")
    public JSONObject checkUsernameExist(@PathVariable String username) {
        return ResultUtil.getResult(ResponseCode.ok, "用户名可用");
    }

    @CheckNoExist
    @GetMapping("/no/{no}")
    @ApiOperation("检测学号/工号是否可用")
    public JSONObject checkNoExist(@PathVariable String no) {
        return ResultUtil.getResult(ResponseCode.ok, "学号可使用");
    }

    @RequiresPermissions("user:edit")
    @SetUserId
    @CheckNoExist
    @PatchMapping("/edit")
    @ApiOperation(value = "修改用户信息", notes = UserApiNotes.editUser)
    public JSONObject editUser(@RequestBody UserDto userDto) {
        User user = userDto.getUser();
        if (PojoUtil.user.needUpdateUser(user)) {
            this.userService.modifyOne(userDto.getUser());
            return ResultUtil.getResult(ResponseCode.ok, "修改用户基本信息成功");
        } else
            return ResultUtil.getResult(ResponseCode.ok, "用户基本信息无需修改");
    }

    @RequiresPermissions("user:resetPwd")
    @SetUserId
    @PatchMapping("/resetPwd")
    @ApiOperation(value = "重置密码", notes = UserApiNotes.resetPwd)
    public JSONObject resetPwd(@RequestBody UserDto userDto) {
        User user = userDto.getUser();
        if (PojoUtil.user.needUpdatePassword(userService, user)) {
            String salt = UUID.randomUUID().toString();
            String credential = new Md5Hash(user.getPassword(), salt, 1024).toString();
            this.userService.resetPwdById(user.getUserId(), credential, salt);
            return ResultUtil.getResult(ResponseCode.ok, "修改用户密码成功");
        } else
            return ResultUtil.getResult(ResponseCode.ok, "用户密码无需修改");
    }

}
